git-shield

Name	git-shield JSON
Version	1.0.0 JSON
	download
home_page	None
Summary	Advanced secret detection for Git repositories
upload_time	2025-07-27 11:25:42
maintainer	None
docs_url	None
author	None
requires_python	>=3.8
license	MIT
keywords	cli detection git secrets security
VCS
bugtrack_url
requirements	No requirements were recorded.
Travis-CI	No Travis.
coveralls test coverage	No coveralls.

            # 🚀 git-shield

`git-shield` is a lightweight, secure command-line tool that **detects hard-coded secrets, passwords, API keys, and random-looking sensitive data in your Git staged files before you commit.**

👌 Prevent accidental leaks
📊 Generate user-friendly reports
💪 Automate via Git pre-commit hooks
📈 Combines Regex + Shannon Entropy detection for maximum protection

---

## ✨ Features

- 🔍 Scans staged files for:

  - Hardcoded passwords
  - API keys
  - AWS secret keys
  - Private keys
  - Random-looking secrets (using Shannon Entropy)

- 📊 Detailed report: file, line, match type, code context
- ⚡ Fast and minimal dependencies (`click`, `rich`)
- ⚙️ Configurable patterns via optional JSON file
- 🔐 Designed for security (runs 100% locally)

---

## 📦 Installation

Ensure you have **Python 3.7+** installed.

```bash
# Install via PyPI
pip install git-shield
```

Alternatively:

```bash
git clone https://github.com/yourusername/git-shield.git
cd git-shield
pip install .
```

---

## ⚡ Quick Start

Run inside your Git project:

```bash
git-shield
```

👌 No secrets:

```
👌 No secrets detected. Proceeding with commit.
```

❌ Secrets detected:

```
❌ Secrets detected in staged files:

[src/config.py:10] Hardcoded password
  password = "MySecret123"

[src/api.py:45] High-Entropy String
  token = "f98A9dkJLqWE9s7fN..."

💡 Remove secrets before committing.
```

---

## 🛡 Git Pre-commit Hook

To block secrets automatically before every commit:

```bash
echo '#!/bin/sh
git-shield
' > .git/hooks/pre-commit

chmod +x .git/hooks/pre-commit
```

Every `git commit` will now trigger `git-shield`.

---

## ⚙️ Detection Method

- **Regex Detection:** Predefined + optional user-defined patterns.
- **Entropy Detection:** Flags random-looking secrets using Shannon Entropy.

---

## 🔐 Security Focus

- 100% local — no network calls.
- Does not store or upload your code.
- MIT Licensed — Open Source.

---

## 📖 Configurable Patterns

Define custom regex patterns in `patterns.json` (optional):

```json
{
  "Database URL": "postgres://[A-Za-z0-9:_@/]+"
}
```

`git-shield` will load and combine this with built-in patterns.

---

## ❗ Exit Codes

| Exit Code | Meaning                           |
| --------- | --------------------------------- |
| 0         | No secrets found — commit allowed |
| 1         | Secrets detected — commit blocked |
| 2         | Environment/tool errors.          |

Pseudo-logic: — commit blocked |

---

---

## 🤝 Author

👤 **Vamil Porwal**
[GitHub](https://github.com/VamilP)

---

## 📝 License

MIT License — Free to use, modify, and distribute.

---

## ❤️ Support

If you like this project, ⭐ star the repo and share it!

            

Raw data

            {
    "_id": null,
    "home_page": null,
    "name": "git-shield",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.8",
    "maintainer_email": null,
    "keywords": "cli, detection, git, secrets, security",
    "author": null,
    "author_email": "Vamil Porwal <vamililporwal@gmail.com>",
    "download_url": "https://files.pythonhosted.org/packages/65/49/8084a3c158756671f37aa2766638aa86565bc9a8ad029bf5869240e05088/git_shield-1.0.0.tar.gz",
    "platform": null,
    "description": "# \ud83d\ude80 git-shield\n\n`git-shield` is a lightweight, secure command-line tool that **detects hard-coded secrets, passwords, API keys, and random-looking sensitive data in your Git staged files before you commit.**\n\n\ud83d\udc4c Prevent accidental leaks\n\ud83d\udcca Generate user-friendly reports\n\ud83d\udcaa Automate via Git pre-commit hooks\n\ud83d\udcc8 Combines Regex + Shannon Entropy detection for maximum protection\n\n---\n\n## \u2728 Features\n\n- \ud83d\udd0d Scans staged files for:\n\n  - Hardcoded passwords\n  - API keys\n  - AWS secret keys\n  - Private keys\n  - Random-looking secrets (using Shannon Entropy)\n\n- \ud83d\udcca Detailed report: file, line, match type, code context\n- \u26a1 Fast and minimal dependencies (`click`, `rich`)\n- \u2699\ufe0f Configurable patterns via optional JSON file\n- \ud83d\udd10 Designed for security (runs 100% locally)\n\n---\n\n## \ud83d\udce6 Installation\n\nEnsure you have **Python 3.7+** installed.\n\n```bash\n# Install via PyPI\npip install git-shield\n```\n\nAlternatively:\n\n```bash\ngit clone https://github.com/yourusername/git-shield.git\ncd git-shield\npip install .\n```\n\n---\n\n## \u26a1 Quick Start\n\nRun inside your Git project:\n\n```bash\ngit-shield\n```\n\n\ud83d\udc4c No secrets:\n\n```\n\ud83d\udc4c No secrets detected. Proceeding with commit.\n```\n\n\u274c Secrets detected:\n\n```\n\u274c Secrets detected in staged files:\n\n[src/config.py:10] Hardcoded password\n  password = \"MySecret123\"\n\n[src/api.py:45] High-Entropy String\n  token = \"f98A9dkJLqWE9s7fN...\"\n\n\ud83d\udca1 Remove secrets before committing.\n```\n\n---\n\n## \ud83d\udee1 Git Pre-commit Hook\n\nTo block secrets automatically before every commit:\n\n```bash\necho '#!/bin/sh\ngit-shield\n' > .git/hooks/pre-commit\n\nchmod +x .git/hooks/pre-commit\n```\n\nEvery `git commit` will now trigger `git-shield`.\n\n---\n\n## \u2699\ufe0f Detection Method\n\n- **Regex Detection:** Predefined + optional user-defined patterns.\n- **Entropy Detection:** Flags random-looking secrets using Shannon Entropy.\n\n---\n\n## \ud83d\udd10 Security Focus\n\n- 100% local \u2014 no network calls.\n- Does not store or upload your code.\n- MIT Licensed \u2014 Open Source.\n\n---\n\n## \ud83d\udcd6 Configurable Patterns\n\nDefine custom regex patterns in `patterns.json` (optional):\n\n```json\n{\n  \"Database URL\": \"postgres://[A-Za-z0-9:_@/]+\"\n}\n```\n\n`git-shield` will load and combine this with built-in patterns.\n\n---\n\n## \u2757 Exit Codes\n\n| Exit Code | Meaning                           |\n| --------- | --------------------------------- |\n| 0         | No secrets found \u2014 commit allowed |\n| 1         | Secrets detected \u2014 commit blocked |\n| 2         | Environment/tool errors.          |\n\nPseudo-logic: \u2014 commit blocked |\n\n---\n\n---\n\n## \ud83e\udd1d Author\n\n\ud83d\udc64 **Vamil Porwal**\n[GitHub](https://github.com/VamilP)\n\n---\n\n## \ud83d\udcdd License\n\nMIT License \u2014 Free to use, modify, and distribute.\n\n---\n\n## \u2764\ufe0f Support\n\nIf you like this project, \u2b50 star the repo and share it!\n",
    "bugtrack_url": null,
    "license": "MIT",
    "summary": "Advanced secret detection for Git repositories",
    "version": "1.0.0",
    "project_urls": {
        "Homepage": "https://github.com/username/git-shield",
        "Issues": "https://github.com/username/git-shield/issues",
        "Repository": "https://github.com/username/git-shield"
    },
    "split_keywords": [
        "cli",
        " detection",
        " git",
        " secrets",
        " security"
    ],
    "urls": [
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "401607b9ec9123fc2b8e2f4822a5b7a9e0b179c87c662ac7ee5b5c65c93595ce",
                "md5": "7ee1295772df4bcb7e3ddd1c88d4e5d6",
                "sha256": "7eb078c8ddf4d03d97309ac173cdafae1d0cb3d3d15028c941beb326d9413e30"
            },
            "downloads": -1,
            "filename": "git_shield-1.0.0-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "7ee1295772df4bcb7e3ddd1c88d4e5d6",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.8",
            "size": 7341,
            "upload_time": "2025-07-27T11:25:41",
            "upload_time_iso_8601": "2025-07-27T11:25:41.249427Z",
            "url": "https://files.pythonhosted.org/packages/40/16/07b9ec9123fc2b8e2f4822a5b7a9e0b179c87c662ac7ee5b5c65c93595ce/git_shield-1.0.0-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "65498084a3c158756671f37aa2766638aa86565bc9a8ad029bf5869240e05088",
                "md5": "9c17543e438810f0bb7792ae9275f6ba",
                "sha256": "0e21b9744f4e0bc6265e60b58c279766e31d5d5a2b8d9db29f1fa182494f8744"
            },
            "downloads": -1,
            "filename": "git_shield-1.0.0.tar.gz",
            "has_sig": false,
            "md5_digest": "9c17543e438810f0bb7792ae9275f6ba",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.8",
            "size": 6258,
            "upload_time": "2025-07-27T11:25:42",
            "upload_time_iso_8601": "2025-07-27T11:25:42.496164Z",
            "url": "https://files.pythonhosted.org/packages/65/49/8084a3c158756671f37aa2766638aa86565bc9a8ad029bf5869240e05088/git_shield-1.0.0.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2025-07-27 11:25:42",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "username",
    "github_project": "git-shield",
    "github_not_found": true,
    "lcname": "git-shield"
}